Deze pagina is nog niet beschikbaar in uw eigen taal. We werken er hard aan om meer taalversies toe te voegen. Bedankt voor uw steun.

Example of Encryption

Updated on 2023-11-09 GMT+08:00

Encrypting an Object to Be Uploaded

Sample code:

  • SSE-C encryption
static OBSClient *client;
NSString *endPoint = @"your-endpoint";
// Hard-coded or plaintext AK/SK are risky. For security purposes, encrypt your AK/SK and store them in the configuration file or environment variables. In this example, the AK/SK are stored in environment variables for identity authentication. Before running this example, configure environment variables AccessKeyID and SecretAccessKey.
// Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/eu/usermanual-ca/ca_01_0003.html.
char* ak_env = getenv("AccessKeyID");
char* sk_env = getenv("SecretAccessKey");
NSString *AK = [NSString stringWithUTF8String:ak_env];
NSString *SK = [NSString stringWithUTF8String:sk_env];

    
// Initialize identity authentication.
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//Initialize service configuration.
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// Initialize an instance of OBSClient.
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// Use the SSE-C algorithm to upload an object.
NSData *uploadData = [NSData dataWithContentsOfFile:_imagePath];
OBSPutObjectWithDataRequest *request = [[OBSPutObjectWithDataRequest alloc]initWithBucketName:@"bucketname" objectKey:@"test/image1" uploadData:uploadData];
    
 // Encrypt the object.
request.encryption = [[OBSEncryptionTypeCustomer alloc]initWithAlgorithm:@"AES256" key:@"K7QkYpBkM5+hcs27fsNkUnNVaobncnLht/rCB2o/9Cw=" keyMD5:@"4XvB3tbNTN+tIEVa0/fGaQ=="];
    
request.uploadProgressBlock = ^(int64_t bytesSent, int64_t totalBytesSent, int64_t totalBytesExpectedToSend) {
    NSLog(@"%0.1f%%",(float)totalBytesSent*100/(float)totalBytesExpectedToSend);
};
[client putObject:request completionHandler:^(OBSPutObjectResponse *response, NSError *error){
    NSLog(@"%@",response);
}] ;
NOTE:
  • key: generated through AES256.
  • keyMD5: base64-encoded MD5 value of the key.
  • SSE-KMS encryption
static OBSClient *client;
NSString *endPoint = @"your-endpoint";
// Hard-coded or plaintext AK/SK are risky. For security purposes, encrypt your AK/SK and store them in the configuration file or environment variables. In this example, the AK/SK are stored in environment variables for identity authentication. Before running this example, configure environment variables AccessKeyID and SecretAccessKey.
// Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/eu/usermanual-ca/ca_01_0003.html.
char* ak_env = getenv("AccessKeyID");
char* sk_env = getenv("SecretAccessKey");
NSString *AK = [NSString stringWithUTF8String:ak_env];
NSString *SK = [NSString stringWithUTF8String:sk_env];
    
// Initialize identity authentication.
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//Initialize service configuration.
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// Initialize an instance of OBSClient.
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// Use the SSE-KMS algorithm to upload an object.
OBSPutObjectWithFileRequest *request = [[OBSPutObjectWithFileRequest alloc]initWithBucketName:@"bucketname" objectKey:@"objectname" uploadFilePath:_imagePath];
    
// SSE-KMS encryption
request.encryption = [[OBSEncryptionTypeKMS alloc]initWithKeyID:nil];
    
request.uploadProgressBlock = ^(int64_t bytesSent, int64_t totalBytesSent, int64_t totalBytesExpectedToSend) {
    NSLog(@"%0.1f%%",(float)floor(totalBytesSent*10000/totalBytesExpectedToSend)/100);
};
    
[client putObject:request completionHandler:^(OBSPutObjectResponse *response, NSError *error){
    NSLog(@"%@",response.etag);
}];

Decrypting a Downloaded Object

Sample code:

static OBSClient *client;
NSString *endPoint = @"your-endpoint";
// Hard-coded or plaintext AK/SK are risky. For security purposes, encrypt your AK/SK and store them in the configuration file or environment variables. In this example, the AK/SK are stored in environment variables for identity authentication. Before running this example, configure environment variables AccessKeyID and SecretAccessKey.
// Obtain an AK/SK pair on the management console. For details, see https://support.huaweicloud.com/eu/usermanual-ca/ca_01_0003.html.
char* ak_env = getenv("AccessKeyID");
char* sk_env = getenv("SecretAccessKey");
NSString *AK = [NSString stringWithUTF8String:ak_env];
NSString *SK = [NSString stringWithUTF8String:sk_env];
    
// Initialize identity authentication.
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//Initialize service configuration.
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// Initialize an instance of OBSClient.
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// Decrypt the downloaded object.
NSString * outfilePath = [NSTemporaryDirectory() stringByAppendingString:@"test.png"];
OBSGetObjectToFileRequest *request = [[OBSGetObjectToFileRequest alloc]initWithBucketName:@"bbucketname" objectKey:@"objectname" downloadFilePath:outfilePath];
    
// Enter the key and keyMD5 used for encrypting the object during the object upload.
request.encryption = [[OBSEncryptionTypeCustomer alloc]initWithAlgorithm:@"AES256" key:@"K7QkYpBkM5+hcs27fsNkUnNVaobncnLht/rCB2o/9Cw=" keyMD5:@"4XvB3tbNTN+tIEVa0/fGaQ=="];
request.downloadProgressBlock = ^(int64_t bytesWritten, int64_t totalBytesWritten, int64_t totalBytesExpectedToWrite) {
    NSLog(@"%0.1f%%",(float)floor(totalBytesWritten*10000/totalBytesExpectedToWrite)/100);
};
[client getObject:request completionHandler:^(OBSGetObjectResponse *response, NSError *error){
    NSLog(@"%@",response.etag);
}];
Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback